So I was updating our (debian based) nameservers from pdns 2.x to 3.x the other day and was thinkig: Why not Zoidberg^WOpenBSD?
Changelog: http://doc.powerdns.com/html/changelog.html#changelog-auth-3-2 * DNSSEC support (weeeee ;) ) * sqlite2 is gone "The gsqlite (SQLite 2) backend was removed. We were not aware of any users and it was not actually working anyway." All patches can go but unfortunatly there are two new patches. They are already applied upstream but missed the 3.2 release. - build tested on i386 and amd64 - tested on amd64 with mysql/postgres/sqlite3 (including DNSSEC) - update 2.9.22.6 -> 3.2 tested. I would appreciate tests on more archs and of the ldap backend. Comments, OKs? Index: Makefile =================================================================== RCS file: /cvs/ports/net/powerdns/Makefile,v retrieving revision 1.27 diff -u -p -r1.27 Makefile --- Makefile 21 Mar 2013 08:46:35 -0000 1.27 +++ Makefile 20 May 2013 18:12:04 -0000 @@ -7,7 +7,7 @@ COMMENT-mysql= MySQL database access mo COMMENT-pgsql= PGSQL database access module for PowerDNS COMMENT-ldap= LDAP module for PowerDNS -V= 2.9.22.6 +V= 3.2 DISTNAME= pdns-${V} PKGNAME= powerdns-${V} PKGNAME-main= powerdns-${V} @@ -17,8 +17,6 @@ PKGNAME-ldap= powerdns-ldap-${V} CATEGORIES= net HOMEPAGE= http://www.powerdns.com/ -REVISION-main= 0 - MULTI_PACKAGES= -main # GPLv2 @@ -70,8 +68,6 @@ CONFIGURE_ARGS+= --without-ldap MULTI_PACKAGES+= -ldap LIB_DEPENDS-ldap= databases/openldap RUN_DEPENDS-ldap= ${FULLPKGNAME-main}:net/powerdns -CONFIGURE_ARGS+= --with-ldap=${LOCALBASE} \ - --with-ldap-includes=${LOCALBASE}/include WANTLIB-ldap+= asn1 com_err crypto gssapi krb5 lber-2.4 ldap_r-2.4 sasl2 ssl ${WANTLIB} BACKENDS+= ldap .endif @@ -81,14 +77,13 @@ BUILD_DEPENDS+= ${MODGNU_AUTOCONF_DEPEN SYSCONFDIR= ${BASESYSCONFDIR}/pdns CONFIGURE_STYLE= autoconf -AUTOCONF_VERSION= 2.65 +AUTOCONF_VERSION= 2.67 CONFIGURE_ARGS+= --disable-shared \ --libdir="${PREFIX}/lib/powerdns" \ --with-modules="geo" \ --with-dynmodules="${BACKENDS}" \ - --with-sqlite3=/usr \ - --with-sqlite3-includes=/usr/include \ - --without-sqlite \ + --with-sqlite3 \ + --without-lua \ --disable-recursor # OpenBSD lacks ucontext.h, see PR 5099 CONFIGURE_ENV+= CPPFLAGS="-I${LOCALBASE}/include" \ LDFLAGS="-L${LOCALBASE}/lib" Index: distinfo =================================================================== RCS file: /cvs/ports/net/powerdns/distinfo,v retrieving revision 1.5 diff -u -p -r1.5 distinfo --- distinfo 28 Jan 2012 08:07:26 -0000 1.5 +++ distinfo 20 May 2013 18:12:04 -0000 @@ -1,5 +1,2 @@ -MD5 (pdns-2.9.22.6.tar.gz) = /5e6mAsyKtthw+nJ6cSt7w== -RMD160 (pdns-2.9.22.6.tar.gz) = 4MYEjmg+yoMIM2eS2xYowXJ30Xo= -SHA1 (pdns-2.9.22.6.tar.gz) = YI1SVbKYmQL9xgSM2BvAe8EwXj4= -SHA256 (pdns-2.9.22.6.tar.gz) = /bu8IJNjEC0CbxpDS880WfpwAmp4wxRsNv0e0UkkLQ4= -SIZE (pdns-2.9.22.6.tar.gz) = 1090648 +SHA256 (pdns-3.2.tar.gz) = 0YlaugZURtxo5dfMeS1TA2JscXWfYaRVUx7WXVnAZXI= +SIZE (pdns-3.2.tar.gz) = 1293593 Index: files/pdns.conf =================================================================== RCS file: /cvs/ports/net/powerdns/files/pdns.conf,v retrieving revision 1.2 diff -u -p -r1.2 pdns.conf --- files/pdns.conf 7 Oct 2008 21:02:53 -0000 1.2 +++ files/pdns.conf 20 May 2013 18:12:04 -0000 @@ -12,10 +12,6 @@ #gpgsql-user=pdns #gpgsql-password=pdns -# SQLite -#launch=gsqlite -#gsqlite-database=<path to your SQLite database> - # SQLite 3 #launch=gsqlite3 #gsqlite3-database=<path to your SQLite database> @@ -35,7 +31,7 @@ ################################# # allow-axfr-ips Allow zonetransfers only to these subnets # -# allow-axfr-ips=0.0.0.0/0 +# allow-axfr-ips=0.0.0.0/0,::/0 ################################# # allow-recursion List of subnets that are allowed to recurse @@ -43,11 +39,6 @@ # allow-recursion=0.0.0.0/0 ################################# -# allow-recursion-override Set this so that local data fully overrides the recursor -# -# allow-recursion-override=no - -################################# # cache-ttl Seconds to store packets in the PacketCache # # cache-ttl=20 @@ -105,7 +96,37 @@ ################################# # do-ipv6-additional-processing Do AAAA additional processing # -# do-ipv6-additional-processing=no +# do-ipv6-additional-processing=yes + +################################# +# edns-subnet-option-number EDNS option number to use +# +# edns-subnet-option-number=20730 + +################################# +# edns-subnet-processing If we should act on EDNS Subnet options +# +# edns-subnet-processing=no + +################################# +# entropy-source If set, read entropy from this file +# +# entropy-source=/dev/urandom + +################################# +# experimental-direct-dnskey EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis +# +# experimental-direct-dnskey=no + +################################# +# experimental-json-interface If the webserver should serve JSON data +# +# experimental-json-interface=no + +################################# +# experimental-logfile Filename of the log file for JSON parser +# +# experimental-logfile=/var/log/pdns.log ################################# # fancy-records Process URL and MBOXFW records @@ -123,11 +144,6 @@ # launch= ################################# -# lazy-recursion Only recurse if question cannot be answered locally -# -# lazy-recursion=yes - -################################# # load-modules Load this module - supply absolute or relative path # # load-modules= @@ -153,14 +169,14 @@ # log-dns-details= ################################# -# log-failed-updates If PDNS should log failed update requests +# log-dns-queries If PDNS should log all incoming DNS queries # -# log-failed-updates= +# log-dns-queries=no ################################# -# logfile Logfile to use +# log-failed-updates If PDNS should log failed update requests # -# logfile=pdns.log +# log-failed-updates= ################################# # logging-facility Log under a specific facility @@ -173,11 +189,26 @@ # loglevel=4 ################################# +# lua-prequery-script Lua script with prequery handler +# +# lua-prequery-script= + +################################# # master Act as a master # # master=no ################################# +# max-cache-entries Maximum number of cache entries +# +# max-cache-entries=1000000 + +################################# +# max-ent-entries Maximum number of empty non-terminals in a zone +# +# max-ent-entries=100000 + +################################# # max-queue-length Maximum queuelength before considering situation lost # # max-queue-length=5000 @@ -193,7 +224,7 @@ # module-dir=/usr/local/lib ################################# -# negquery-cache-ttl Seconds to store packets in the PacketCache +# negquery-cache-ttl Seconds to store negative query results in the QueryCache # # negquery-cache-ttl=60 @@ -208,19 +239,29 @@ # out-of-zone-additional-processing=yes ################################# +# overload-queue-length Maximum queuelength moving to packetcache only +# +# overload-queue-length=0 + +################################# # pipebackend-abi-version Version of the pipe backend ABI # # pipebackend-abi-version=1 ################################# -# query-cache-ttl Seconds to store packets in the PacketCache +# query-cache-ttl Seconds to store query results in the QueryCache # # query-cache-ttl=20 ################################# # query-local-address Source IP address for sending queries # -# query-local-address= +# query-local-address=0.0.0.0 + +################################# +# query-local-address6 Source IPv6 address for sending queries +# +# query-local-address6=:: ################################# # query-logging Hint backends that queries should be logged @@ -233,7 +274,12 @@ # queue-limit=1500 ################################# -# recursive-cache-ttl Seconds to store packets in the PacketCache +# receiver-threads Default number of Distributor (backend) threads to start +# +# receiver-threads=1 + +################################# +# recursive-cache-ttl Seconds to store packets for recursive queries in the PacketCache # # recursive-cache-ttl=10 @@ -243,11 +289,21 @@ # recursor=no ################################# +# retrieval-threads Number of AXFR-retrieval threads for slave operation +# +# retrieval-threads=2 + +################################# # send-root-referral Send out old-fashioned root-referral instead of ServFail in case of no authority # # send-root-referral=no ################################# +# server-id Returned when queried for 'server.id' TXT or NSID, defaults to hostname +# +# server-id= + +################################# # setgid If set, change group id to this gid for more security # # setgid= 609 @@ -258,9 +314,9 @@ # setuid= 609 ################################# -# skip-cname Do not perform CNAME indirection for each query +# signing-threads Default number of signer threads to start # -# skip-cname=no +# signing-threads=3 ################################# # slave Act as a slave @@ -273,6 +329,11 @@ # slave-cycle-interval=60 ################################# +# slave-renotify If we should send out notifications for slaved updates +# +# slave-renotify=no + +################################# # smtpredirector Our smtpredir MX host # # smtpredirector=a.misconfigured.powerdns.smtp.server @@ -283,7 +344,7 @@ # soa-expire-default=604800 ################################# -# soa-minimum-ttl Default SOA mininum ttl +# soa-minimum-ttl Default SOA minimum ttl # # soa-minimum-ttl=3600 @@ -313,14 +374,39 @@ # strict-rfc-axfrs=no ################################# -# urlredirector Where we send hosts to that need to be url redirected +# tcp-control-address If set, PowerDNS can be controlled over TCP on this address # -# urlredirector=127.0.0.1 +# tcp-control-address= ################################# -# use-logfile Use a log file +# tcp-control-port If set, PowerDNS can be controlled over TCP on this address # -# use-logfile=no +# tcp-control-port=53000 + +################################# +# tcp-control-range If set, remote control of PowerDNS is possible over these networks only +# +# tcp-control-range=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10 + +################################# +# tcp-control-secret If set, PowerDNS can be controlled over TCP after passing this secret +# +# tcp-control-secret= + +################################# +# traceback-handler Enable the traceback handler (Linux only) +# +# traceback-handler=yes + +################################# +# trusted-notification-proxy IP address of incoming notification proxy +# +# trusted-notification-proxy= + +################################# +# urlredirector Where we send hosts to that need to be url redirected +# +# urlredirector=127.0.0.1 ################################# # version-string PowerDNS version in packets - full, anonymous, powerdns or custom @@ -356,8 +442,3 @@ # wildcard-url Process URL and MBOXFW records # # wildcard-url=no - -################################# -# wildcards Honor wildcards in the database -# -# wildcards= Index: patches/patch-configure_in =================================================================== RCS file: patches/patch-configure_in diff -N patches/patch-configure_in --- patches/patch-configure_in 24 Oct 2011 19:47:55 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,16 +0,0 @@ -$OpenBSD: patch-configure_in,v 1.2 2011/10/24 19:47:55 sthen Exp $ ---- configure.in.orig Sun Jan 25 12:25:37 2009 -+++ configure.in Fri Oct 21 08:16:12 2011 -@@ -87,12 +87,6 @@ linux*) - THREADFLAGS="-pthread" - CXXFLAGS="-D_GNU_SOURCE $CXXFLAGS" - ;; --openbsd*) -- AC_DEFINE(HAVE_IPV6,1,[If the host operating system understands IPv6]) -- DYNLINKFLAGS="-rdynamic" -- LDFLAGS="-lc_r $LDFLAGS" -- CXXFLAGS="-pthread $CXXFLAGS" -- ;; - *) - AC_DEFINE(HAVE_IPV6,1,[If the host operating system understands IPv6]) - DYNLINKFLAGS="-rdynamic" Index: patches/patch-modules_gpgsqlbackend_Makefile_in =================================================================== RCS file: patches/patch-modules_gpgsqlbackend_Makefile_in diff -N patches/patch-modules_gpgsqlbackend_Makefile_in --- patches/patch-modules_gpgsqlbackend_Makefile_in 11 Jan 2012 01:41:47 -0000 1.3 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,15 +0,0 @@ -$OpenBSD: patch-modules_gpgsqlbackend_Makefile_in,v 1.3 2012/01/11 01:41:47 sthen Exp $ - -libcrypt doesn't exist on OpenBSD. - ---- modules/gpgsqlbackend/Makefile.in.orig Thu Jan 5 09:27:41 2012 -+++ modules/gpgsqlbackend/Makefile.in Tue Jan 10 14:31:26 2012 -@@ -249,7 +249,7 @@ libgpgsqlbackend_la_SOURCES = gpgsqlbackend.cc gpgsqlb - libgpgsqlbackend_la_LDFLAGS = -module -avoid-version @PGSQL_lib@ -Wl,-Bstatic -lpq \ - -Wl,-Bdynamic - --libgpgsqlbackend_la_LIBADD = -lssl -lcrypt -lcrypto -+libgpgsqlbackend_la_LIBADD = -lssl -lcrypto - all: all-am - - .SUFFIXES: Index: patches/patch-modules_gpgsqlbackend_OBJECTLIBS =================================================================== RCS file: patches/patch-modules_gpgsqlbackend_OBJECTLIBS diff -N patches/patch-modules_gpgsqlbackend_OBJECTLIBS --- patches/patch-modules_gpgsqlbackend_OBJECTLIBS 23 Jun 2009 22:59:57 -0000 1.3 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,11 +0,0 @@ -$OpenBSD: patch-modules_gpgsqlbackend_OBJECTLIBS,v 1.3 2009/06/23 22:59:57 sthen Exp $ - -libcrypt doesn't exist on OpenBSD. - ---- modules/gpgsqlbackend/OBJECTLIBS.orig Wed Nov 19 08:31:09 2008 -+++ modules/gpgsqlbackend/OBJECTLIBS Mon Jun 22 23:52:28 2009 -@@ -1,3 +1,3 @@ ---lpq -lssl -lcrypto -lcrypt -+-lpq -lssl -lcrypto - - Index: patches/patch-pdns_Makefile_in =================================================================== RCS file: patches/patch-pdns_Makefile_in diff -N patches/patch-pdns_Makefile_in --- patches/patch-pdns_Makefile_in 11 Jan 2012 01:41:47 -0000 1.4 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,16 +0,0 @@ -$OpenBSD: patch-pdns_Makefile_in,v 1.4 2012/01/11 01:41:47 sthen Exp $ - -Remove target that we take care of in post-install. - ---- pdns/Makefile.in.orig Thu Jan 5 09:27:41 2012 -+++ pdns/Makefile.in Tue Jan 10 14:31:26 2012 -@@ -1286,8 +1286,7 @@ install-dvi: install-dvi-recursive - - install-dvi-am: - --install-exec-am: install-binPROGRAMS install-sbinPROGRAMS \ -- install-sysconfDATA -+install-exec-am: install-binPROGRAMS install-sbinPROGRAMS - - install-html: install-html-recursive - Index: patches/patch-pdns_dns_hh =================================================================== RCS file: patches/patch-pdns_dns_hh diff -N patches/patch-pdns_dns_hh --- patches/patch-pdns_dns_hh 24 Oct 2011 19:47:55 -0000 1.4 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,12 +0,0 @@ -$OpenBSD: patch-pdns_dns_hh,v 1.4 2011/10/24 19:47:55 sthen Exp $ ---- pdns/dns.hh.orig Sat Nov 15 15:05:43 2008 -+++ pdns/dns.hh Fri Oct 21 08:37:48 2011 -@@ -173,7 +173,7 @@ enum { - #ifdef WIN32 - #define BYTE_ORDER 1 - #define LITTLE_ENDIAN 1 --#elif __FreeBSD__ || __APPLE__ -+#elif __FreeBSD__ || __APPLE__ || __OpenBSD__ - #include <machine/endian.h> - #elif __linux__ - # include <endian.h> Index: patches/patch-pdns_dnspcap_hh =================================================================== RCS file: patches/patch-pdns_dnspcap_hh diff -N patches/patch-pdns_dnspcap_hh --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-pdns_dnspcap_hh 20 May 2013 18:12:04 -0000 @@ -0,0 +1,17 @@ +$OpenBSD$ +--- pdns/dnspcap.hh.orig Thu Jan 17 10:16:52 2013 ++++ pdns/dnspcap.hh Fri May 17 14:08:05 2013 +@@ -10,9 +10,12 @@ + #include <netinet/in_systm.h> + #include <netinet/ip.h> + #include <netinet/udp.h> +-#if defined(__NetBSD__) || defined(__OpenBSD__) ++#if defined(__NetBSD__) + #include <net/if.h> + #include <net/if_ether.h> ++#elif defined (__OpenBSD__) ++#include <net/if.h> ++#include <netinet/if_ether.h> + #elif defined (__SVR4) && defined (__sun) + #include <sys/ethernet.h> + #else Index: patches/patch-pdns_nameserver_cc =================================================================== RCS file: patches/patch-pdns_nameserver_cc diff -N patches/patch-pdns_nameserver_cc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-pdns_nameserver_cc 20 May 2013 18:12:04 -0000 @@ -0,0 +1,39 @@ +$OpenBSD$ +--- pdns/nameserver.cc.orig Fri May 17 14:30:04 2013 ++++ pdns/nameserver.cc Fri May 17 14:30:23 2013 +@@ -135,7 +135,7 @@ void UDPNameserver::bindIPv4() + L<<Logger::Error<<"UDP server bound to "<<inet_ntoa(locala.sin_addr)<<":"<<::arg().asNum("local-port")<<endl; + struct pollfd pfd; + pfd.fd = s; +- pfd.events = POLL_IN; ++ pfd.events = POLLIN; + pfd.revents = 0; + d_rfds.push_back(pfd); + } +@@ -185,7 +185,7 @@ void UDPNameserver::bindIPv6() + d_sockets.push_back(s); + struct pollfd pfd; + pfd.fd = s; +- pfd.events = POLL_IN; ++ pfd.events = POLLIN; + pfd.revents = 0; + d_rfds.push_back(pfd); + L<<Logger::Error<<"UDPv6 server bound to "<<locala.toStringWithPort()<<endl; +@@ -340,7 +340,7 @@ DNSPacket *UDPNameserver::receive(DNSPacket *prefilled + vector<struct pollfd> rfds= d_rfds; + if(d_sockets.size()>1) { + BOOST_FOREACH(struct pollfd &pfd, rfds) { +- pfd.events = POLL_IN; ++ pfd.events = POLLIN; + pfd.revents = 0; + } + +@@ -349,7 +349,7 @@ DNSPacket *UDPNameserver::receive(DNSPacket *prefilled + unixDie("Unable to poll for new UDP events"); + + BOOST_FOREACH(struct pollfd &pfd, rfds) { +- if(pfd.revents & POLL_IN) { ++ if(pfd.revents & POLLIN) { + sock=pfd.fd; + len=0; + Index: pkg/PLIST-main =================================================================== RCS file: /cvs/ports/net/powerdns/pkg/PLIST-main,v retrieving revision 1.7 diff -u -p -r1.7 PLIST-main --- pkg/PLIST-main 17 May 2012 10:27:02 -0000 1.7 +++ pkg/PLIST-main 20 May 2013 18:12:04 -0000 @@ -1,12 +1,11 @@ @comment $OpenBSD: PLIST-main,v 1.7 2012/05/17 10:27:02 sthen Exp $ -@conflict powerdns-sqlite-* -@conflict powerdns-sqlite3-* -@pkgpath net/powerdns,-sqlite -@pkgpath net/powerdns,-sqlite3 @newgroup _powerdns:609 @newuser _powerdns:609:_powerdns:daemon:Proxy DNS Server:/nonexistent:/sbin/nologin @extraunexec rm -rf /var/pdnsd/* +@bin bin/dnsreplay @bin bin/pdns_control +@bin bin/pdnssec +@bin bin/zone2json @bin bin/zone2ldap @bin bin/zone2sql lib/powerdns/ -- I'm not entirely sure you are real.
